Healthcare and Public Health Cybersecurity

ASPR Serves as the Sector Risk Management Agency for the Health Care and Public Health Sector to Protect Patient Health and Safety

The Healthcare and Public Health (HPH) sector continues to experience increasingly sophisticated cyberattacks that exploit complex, interconnected IT systems at hospitals and health care facilities. Nationwide, health care and public health IT infrastructures suffer from many common vulnerabilities: underfunded cybersecurity programs, vulnerable legacy systems, a growing need for skilled cybersecurity professionals, and network-connected medical technologies, including medical devices.

These cyberattacks against the HPH sector are growing both in numbers and severity, with the frequency of cyberattacks on hospitals and health systems more than doubling from 2016 to 2021. The HPH sector experienced a 42 percent increase in ransomware attacks in 2022 compared to 2021. The cost of an average health care data breach has reached $10.93 million, according to a report from IBM Security. That's an 8% jump from a year ago, when the average cost topped $10 million for the first time. In health care, cyber risks are patient risks - unlike other more typical industries impacted by cybersecurity threats (e.g., energy, finance), disruptions in health care could cost lives.

ASPR has worked with our partners in HHS, across the federal government, and with industry to develop resources to help hospitals and health care facilities protect themselves and their patients from cyberattacks.

ASPR leads the HHS divisions and works with our public and private partners to provide guidance and support to help enhance cybersecurity for the health care and public health sectors.

Subscribe to ASPR’s Cybersecurity Bulletins

Get information on cyber incidents, news, resources, engagement opportunities, and security updates sent right to your inbox.

CISA Cybersecurity Advisory #StopRansomware: Black Basta
This joint CSA provides information on Black Basta, a ransomware variant whose actors have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.
CISA Alert: CISA and Partners Release Advisory on Black BASTA Ransomware
CISA, in partnership with the FBI, HHS, and the Multi-State Information Sharing and Analysis Center (MS-ISAC), released the joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders with tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting.
Plan: Version 2 of the National Cybersecurity Strategy Implementation Plan
Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP) outlines actions the Federal Government is taking to improve the U.S. national cybersecurity posture. This updated roadmap describes 100 high-impact Federal initiatives, each intended to substantively increase our collective digital security and systemic resilience.
Fact Sheet: Version 2 of the National Cybersecurity Strategy Implementation Plan
This next phase of the NCSIP follows the progress to date and displays the Administration's commitment to transparency and accountability as the National Cybersecurity Strategy is implemented. Highlights of Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP) are included in this fact sheet.
HPH Cybersecurity Performance Goals (CPG)
These CPGs are a voluntary subset of cybersecurity practices that healthcare organizations, and healthcare delivery organizations in particular, can prioritize to strengthen cyber preparedness, improve cyber resiliency, and ultimately protect patient health information and safety.
Health Care and Public Health Sector Cybersecurity Framework Implementation Guide
Developed to help organizations establish a strong cybersecurity program or validate the effectiveness of an existing program, this guide helps organizations map their existing program to the NIST Cybersecurity Framework, identify improvements, and communicate results. This guide was developed to incorporate and align with processes and tools currently in use or under consideration.
Health Care Sector Cybersecurity: Introduction to the Strategy of the U.S. Department of Health and Human Services
Overview of HHS recommendations to help the health care and public health sector address cyber threats.
National Cybersecurity Strategy Implementation Plan (2023)
This plan outlines a path for achieving two significant changes: the need for more capable actors in cybersecurity and the need to increase incentive to make investments in long-term resilience.
Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP 2023 ed.)
Featuring recommendations and best practices to prepare for and fight against cybersecurity threats that can impact patient safety, this document outlines the top threats facing the HPH Sector. It has been developed with all stakeholders in mind; organizations from small to large can benefit from the resources and best practices provided in the main document and two additional technical volumes.
Health Care System Cybersecurity: Readiness and Response Considerations
Focuses on the effects of a cyber incident on the health care operational environment, specifically one that impacts the ability to effectively care for patients and maintain business practices and readiness during such an event. It covers many strategies and principles relevant to a range of cybersecurity incidents and health care facilities, including disruptions associated with a large-scale cyberattack.
Health Industry Cybersecurity Protection of Innovation Capital
With a focus on Innovation Capital protection, this resource can help security and risk practitioners protect their systems at any stage of their information protection program's maturity.
Hospital Cyber Resiliency Landscape Analysis
This resource highlights findings and issues affecting the cybersecurity resiliency of U.S. hospitals to better identify the biggest threats facing hospitals and assess their cybersecurity capabilities relative to commonly accepted cybersecurity practices.
Health Industry Cybersecurity Tactical Crisis Response Guide
With a focus on Innovation Capital protection, this resource can help security and risk practitioners protect their systems at any stage of their information protection program's maturity.
Health Industry Cybersecurity Information Sharing Best Practices
Provides HPH Sector organizations interested in information sharing with a set of guidelines and best practices for efficient and effective information sharing.
Security Risk Assessment Tool
This risk assessment tool helps your organization ensure it is compliant with HIPAA's administrative, physical, and technical safeguards. It also helps reveal areas where your organization's protected health information could be at risk. Designed for medium and small providers.
RISC Toolkit 2.0: The Risk Identification and Site Criticality Toolkit
An objective, data-driven all-hazards risk assessment for use by public and private organizations within the HPH sector to inform emergency preparedness planning, risk management activities, and resource investments. This tool enables the user to estimate the human, property, and business impacts to a facility that may result from 67 internal and external threats, including cyber threats.
ASPR TRACIE: Health Care Cybersecurity
Updated in 2022, this collection of resources can help stakeholders (including practitioners, facility executives, information technology professionals, and emergency managers) better protect against, mitigate, respond to, and recover from cyberattacks to ensure patient safety and operational continuity.
Tailored Top Reads from 405(d)
The 405(d) program has developed a tailored list of must-read resources for health care practitioners and IT professionals at health care organizations of all sizes. Just indicate your role and the size of your organization, and the 405(d) program will provide you with a customized list of resources to help you improve your organization's cybersecurity posture.
Health Industry Cybersecurity Supply Chain Risk Management Guide v2.0
This tool for smaller to mid-sized health organizations is focused on supply chain cybersecurity risk management.
Top 10 Myths of Security Risk Analysis
This checklist from the HHS Office of the National Coordinator for Health Information Technology (HHS/ONC/IT) helps separate fact from fiction.
Top 10 Tips for Cybersecurity in Healthcare
HHS/ONC/IT provides its top ten tips for strengthening cybersecurity and provides information to help you get started on implementation.